//package com.gss.plugin.oauth2.oauth;
//
//import com.gss.plugin.oauth2.config.Oauth2Properties;
//import com.gss.plugin.oauth2.exception.OAuth2ResponseExceptionTranslator;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
//import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.http.HttpMethod;
//import org.springframework.security.authentication.AuthenticationManager;
//import org.springframework.security.core.userdetails.UserDetailsService;
//import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
//import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
//import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
//import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
//import org.springframework.security.oauth2.provider.ClientDetailsService;
//import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
//import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
//import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
//import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
//import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
//import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
//import org.springframework.security.oauth2.provider.token.TokenStore;
//import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
//
//import javax.sql.DataSource;
//
///**
// * @author DYang
// * @date 2023/7/6
// */
//@ConditionalOnProperty(name = "stars.oauth-token.oauth2",havingValue = "true")
//@Configuration
//public class AuthorizationConfig extends AuthorizationServerConfigurerAdapter {
//
//    @Autowired
//    private Oauth2Properties oauthConfigProp;
//    @Autowired
//    private AuthenticationManager authenticationManager;
//    @Autowired
//    private UserDetailsService userDetailsService;
//    @Autowired
//    private TokenStore tokenStore;
//    @Autowired
//    private JwtAccessTokenConverter accessTokenConverter;
//    @Autowired
//    private DataSource dataSource;
//
//    private ClientDetailsService clientDetailsService;
//
//    @Autowired
//    public void setClientDetailsService(){
//        this.clientDetailsService = new JdbcClientDetailsService(dataSource);
//    }
//
//    /**
//     * 1、配置客户端
//     * @param clients the client details configurer
//     * @throws Exception
//     */
//    @Override
//    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//        clients.withClientDetails(clientDetailsService);
//    }
//
//    /**
//     * 2、端点服务
//     * @param endpoints the endpoints configurer
//     * @throws Exception
//     */
//    @Override
//    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
//
//        endpoints
//                // 认证管理器
//                .authenticationManager(authenticationManager)
//                //令牌存储管理器
//                .tokenServices(this.tokenServices())
//                //密码模式用户信息管理
//                .userDetailsService(userDetailsService)
//                //授权码模式使用
//                .authorizationCodeServices(this.authorizationCodeServices())
//                //设置自定义异常解析器
//                .exceptionTranslator(new OAuth2ResponseExceptionTranslator())
//                .allowedTokenEndpointRequestMethods(HttpMethod.POST)
//        ;
//
//    }
//
//    /**
//     * 设置临牌端点安全策略，授权哪些服务可以获取令牌
//     * @param security a fluent configurer for security features
//     * @throws Exception
//     */
//    @Override
//    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
//        security.tokenKeyAccess("permitAll()") //oauth/token_key 公开
//                .checkTokenAccess("permitAll()") // oauth/check_token 公开
//                .allowFormAuthenticationForClients(); //表单认证获取令牌
//    }
//
//    /**
//     * 管理令牌策略
//     * @return
//     */
//    public AuthorizationServerTokenServices tokenServices(){
//        DefaultTokenServices services = new DefaultTokenServices();
//        services.setClientDetailsService(clientDetailsService); //客户端详情服务
//        services.setSupportRefreshToken(oauthConfigProp.isTokenRefresh());  //允许令牌自动刷新
//        services.setTokenStore(tokenStore);     //令牌存储策略
//        //使用JWT令牌
//        services.setTokenEnhancer(accessTokenConverter);
//        services.setAccessTokenValiditySeconds(oauthConfigProp.getTokenValidityTime()); //令牌有效期
//        services.setRefreshTokenValiditySeconds(oauthConfigProp.getTokenRefreshTime()); //刷新令牌有效时间
//        return services;
//    }
//
//    /**
//     * 设置授权码模式token存储
//     * @return
//     */
//    @Bean
//    public AuthorizationCodeServices authorizationCodeServices(){
//        AuthorizationCodeServices services = null;
//        String authCodeMode = oauthConfigProp.getAuthCodeMode();
//        if (authCodeMode != null && authCodeMode.equals("jdbc")) {
//            //保存授权码到表中
//            services = new JdbcAuthorizationCodeServices(dataSource);
//        }
//        if (services == null) {
//            //保存授权码在内存中
//            services = new InMemoryAuthorizationCodeServices();
//        }
//        return services;
//    }
//
//
//}
